Poster - CVE CyberSecurity Database News (Page 215)

Feb 18, 2025 XSS WordPress PHP

CVE-2025-0864 - Reflected XSS Vulnerability in Active Products Tables for WooCommerce Plugin (All Versions ≤ 1..6.6) Explained

If you’re running a WordPress online store with WooCommerce, you might be using Active Products Tables for WooCommerce to display product listings. However, a

Feb 18, 2025 XSS WordPress Exploit Google

CVE-2024-13565 - Exploiting Stored XSS in Simple Map No Api WordPress Plugin (<= v1.9)

TL;DR: The Simple Map No Api plugin for WordPress, up to and including version 1.9, has a dangerous vulnerability. If you’re letting

Feb 18, 2025

CVE-2025-1390 - Libcap's PAM Module Incorrectly Recognizes Group Names, Leading to Privilege Escalation

The libcap package provides tools for configuring capabilities on Linux systems, including the powerful PAM (Pluggable Authentication Modules) engine. PAM is utilized for managing user

Feb 18, 2025 API

CVE-2025-20075 - Exploiting SSRF in FileMegane (3...1 to Pre-3.4..) – How Arbitrary Requests Can Crash Your Server

--- Summary A new critical vulnerability, CVE-2025-20075, has surfaced in FileMegane, an enterprise file management solution popular with small and medium businesses. This bug is

Feb 17, 2025 XSS WordPress PHP Google

CVE-2025-23840 - Reflected XSS in WP-NOTCAPTCHA Plugin Explained With Code & Exploit Details

WordPress is the most popular website platform around, which means its plugins are a juicy target for hackers. A recently disclosed vulnerability—CVE-2025-23840—affects the